Logging for the Identity Router and Cloud Authentication Service

Document created by RSA Information Design and Development on Jul 14, 2016. Last modified by RSA Information Design and Development on Oct 20, 2017.
Version 21

RSA SecurID Access generates log messages for the Cloud Authentication Service and for the identity router deployed in your virtual environment. The RSA SecurID Authenticate mobile app also generates logs.

Logs for the Cloud Authentication Service

Log messages for the Cloud Authentication Service are triggered by user events, such as when a policy requires a user to provide additional authentication credentials, or when an authentication is unsuccessful. You do not need to configure logging for the Cloud Authentication Service. Log messages are generated automatically. Log messages can be viewed through the Event Monitor in the Cloud Administration Console.

Logs for the Identity Router

RSA SecurID Access provides the following identity router logs:

  • The audit log captures real-time audit events (user, system, or both) on the identity router. Use the audit log to review errors and notifications about application portal sign-in, additional authentication, or user attempts to access protected applications. You can configure RSA SecurID Access to send all audit logs to a syslog server, where they are consolidated from all identity routers and are easy to access. For instructions, see Configure Audit Logging in the Cloud Administration Console.
  • The system log captures real-time system data on the identity router. Use this log to troubleshoot or debug identity router issues such as problems connecting to an LDAP directory server, or problems integrating RSA SecurID Access with a new application.
  • The RADIUS logs capture real-time audit events for the built-in RADIUS server on the identity router if RADIUS is enabled. Use these logs to review errors and notifications about RADIUS authentication and communication with RADIUS clients. The /var/log/radius directory of the identity router log bundle contains the RADIUS log files (radius.log, radiusj.log, and radius-audit.log).

You can generate and download a bundle of identity router logs, which includes the audit, system, and RADIUS logs, and other logs and configuration files. For in-depth troubleshooting, you can temporarily enable debug-level logging, and then generate and download the log data collected during the period of debug-level logging. Debug-level logging is not available for RADIUS. For more information, see Identity Router Logging.

Logs for the RSA SecurID Authenticate App

The RSA SecurID Authenticate app generates logs on the users' devices. Log messages are generated automatically by app and user events for device registration and additional authentication.

Users can email the log files from the More screen.